Friday, April 07, 2006

New Phishing Flaw in Internet Explorer

Hai Nam Luke has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to conduct phishing attacks.

The vulnerability is caused due to a race condition in the loading of web content and Macromedia Flash Format files (".swf") in browser windows.

This can be exploited to spoof the address bar in a browser window showing web content from a malicious web site.

Secunia has constructed a test, which can be used to check if your browser is affected by this issue

No comments:

Post a Comment